#58: Maximise number of STH's published per time unit Logs can mount a fingerprinting attack against clients by issuing separate STH's for clients the wish to track.
This could be thwarted by the standard stipulating a maximum number of STH's that a log is allowed to issue per time unit before it is considered bad. Monitors should be able to detect if a log ignores this limitation. A fair figure might be max one STH per hour, unless someone sees a need for a higher frequency. Implementation wise, you might want this to be configurable for debugging purposes. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Keywords: -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/58> trans <http://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
